Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: Serious 0-Day Flaw in Oracle -- Patch Released - SANS Internet Storm Center SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Serious 0-Day Flaw in Oracle -- Patch Released

Oracle has released an emergency security patch that corrects a 0-day flaw which is remotely exploitable without authentication.  This is a serious issue.

Oracle's security advisory can be found at the following link.  The advisory also contains recommendations for two  workarounds that you should implement to help mitigate the potential impact if you are not able to install the security patch right away:

More information about the issue can be found at:

Thanks to Frank for the heads-up.


David Goldsmith


78 Posts
Jul 30th 2008

Sign Up for Free or Log In to start participating in the conversation!